Security Headlines

Tag: #windows

CVE-2022-2937: Vulnerability Advisories - Wordfence

The Image Hover Effects Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title and Description values that can be added to an Image Hover, in versions up to and including 9.7.3, due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts into pages; the scripts execute whenever a user visits an injected page. By default, the plugin only allows administrators to edit Image Hovers; however, if a site admin makes the plugin's features available to lower-privileged users through the 'Who Can Edit?' setting, those users can exploit the issue.
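The advisory names the two halves of the bug: values are stored without sanitization and then rendered without escaping, and the 'Who Can Edit?' setting decides who can plant them. The block below is an added example written for this page, not code from the plugin or from Wordfence. It renders a hover's title and description the unsafe way and the escaped way, and gates storage on a role allow-list. The field names, role names and the probe payload are assumptions constructed for the demo.

```javascript
// Added example, not code from the Image Hover Effects Ultimate plugin or from
// Wordfence. Field names, role names and the payload are constructed for the demo.

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Escape the five characters that matter in HTML text and in quoted attributes.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Vulnerable pattern: stored fields are interpolated straight into markup, so a
// title such as '"><img src=x onerror=alert(1)>' closes the attribute and
// injects a new element. This is what "insufficient output escaping" looks like.
function renderHoverUnsafe(hover) {
  return `<div class="hover" title="${hover.title}">` +
         `<h3>${hover.title}</h3><p>${hover.description}</p></div>`;
}

// Hardened pattern: every stored field is escaped at the point of output, in
// both the attribute context and the element-content context.
function renderHoverSafe(hover) {
  const title = escapeHtml(hover.title);
  const description = escapeHtml(hover.description);
  return `<div class="hover" title="${title}">` +
         `<h3>${title}</h3><p>${description}</p></div>`;
}

// Input-side control, analogous to the plugin's "Who Can Edit?" setting: only
// roles on the allow-list may store a hover at all. Widening the list is what
// turns an admin-only issue into one lower-privileged users can trigger.
function canEditHovers(role, allowedRoles = ["administrator"]) {
  return allowedRoles.includes(role);
}

function saveHover(role, hover, allowedRoles) {
  if (!canEditHovers(role, allowedRoles)) {
    throw new Error(`role "${role}" may not edit hovers`);
  }
  // Raw text is stored; safety comes from escaping on every output path.
  return { title: String(hover.title), description: String(hover.description) };
}

// Tags the renderer itself emits. Any other tag name in the output was injected
// by the stored data. Escaped text contains "&lt;", never "<", so it cannot match.
const EMITTED_TAGS = new Set(["div", "h3", "p"]);
function injectedTags(html) {
  const found = [];
  for (const m of html.matchAll(/<\/?([a-z][a-z0-9]*)/gi)) {
    const tag = m[1].toLowerCase();
    if (!EMITTED_TAGS.has(tag)) found.push(tag);
  }
  return found;
}

// Constructed payload: one classic stored-XSS probe per field.
const PROBE = {
  title: '"><img src=x onerror=alert(1)>',
  description: "<script>alert(document.cookie)</script>",
};

console.log(renderHoverUnsafe(PROBE));
console.log("injected (unsafe):", injectedTags(renderHoverUnsafe(PROBE)));
console.log(renderHoverSafe(PROBE));
console.log("injected (safe):", injectedTags(renderHoverSafe(PROBE)));
```

Escaping belongs at output, per context; the role check limits who can reach the storage path in the first place, which is exactly the control the advisory says the 'Who Can Edit?' setting can weaken.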

Feehi CMS 2.1.1 Remote Code Execution

Feehi CMS version 2.1.1 suffers from an authenticated remote code execution vulnerability.

Testa 3.5.1 Cross Site Scripting

Testa Online Test Management System version 3.5.1 suffers from a cross site scripting vulnerability.

Researchers Uncover New Metador APT Targeting Telcos, ISPs, and Universities

A previously undocumented threat actor of unknown origin has been linked to attacks targeting telecom, internet service providers, and universities across multiple countries in the Middle East and Africa. "The operators are highly aware of operations security, managing carefully segmented infrastructure per victim, and quickly deploying intricate countermeasures in the presence of security

Microsoft Looks to Enable Practical Zero-Trust Security With Windows 11

With the update, Microsoft adds features to allow easier deployment of zero-trust capabilities. Considering the 1.3 billion global Windows users, the support could make a difference.

CVE-2022-41320: Sensitive Information Disclosure Vulnerability in Veritas System Recovery

Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry when a backup is configured. This could allow a Windows user who has sufficient privileges to read that registry data to access a network file system they were not authorized to access.

CVE-2022-38573: 10-Strike Network Inventory Explorer 9.3 Buffer Overflow ≈ Packet Storm

10-Strike Network Inventory Explorer v9.3 was discovered to contain a buffer overflow via the Add Computers function.

CVE-2022-31937: Download Center | Support | NETGEAR

Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack-based buffer overflow caused by an unbounded strcpy call in uhttpd.

Malicious npm Package Poses as Tailwind Tool

Branded as a components library for two popular open source resources, Material Tailwind instead loads a Windows .exe that can run PowerShell scripts.
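The practical question for a package like this is what runs at install time before any of its exported components are ever imported. The block below is an added example for this page, not code from Material Tailwind, from the malicious look-alike, or from npm: it audits the lifecycle scripts in a package.json, which npm executes automatically during install, and flags the ones that launch a Windows executable, PowerShell, a download-to-shell pipe or an inline eval. The package names, script bodies and the pattern list are constructed assumptions; the page does not say which mechanism the malicious package used to launch its .exe.

```javascript
// Added example, not code from Material Tailwind, the malicious package, or npm.
// Package names, script bodies and the pattern list are constructed for the demo.

const LIFECYCLE_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Heuristics for install hooks a practitioner would want flagged: launching a
// Windows executable or PowerShell, piping a download into a shell, and inline
// JavaScript evaluation. A screening list, not a complete one.
const SUSPICIOUS = [
  { reason: "windows-executable", re: /\.exe\b/i },
  { reason: "powershell", re: /\b(powershell|pwsh)\b/i },
  { reason: "download-to-shell", re: /\b(curl|wget|Invoke-WebRequest|iwr)\b.*\|\s*(sh|bash|iex)\b/i },
  { reason: "inline-eval", re: /\bnode\s+(-e|--eval)\b/ },
];

// One entry per lifecycle hook present in package.json, with the reasons it was
// flagged (empty for hooks that look benign).
function auditInstallScripts(packageJsonText) {
  const pkg = JSON.parse(packageJsonText);
  const scripts = pkg.scripts || {};
  const findings = [];
  for (const hook of LIFECYCLE_HOOKS) {
    if (!Object.prototype.hasOwnProperty.call(scripts, hook)) continue;
    const command = String(scripts[hook]);
    const reasons = SUSPICIOUS.filter((p) => p.re.test(command)).map((p) => p.reason);
    findings.push({ hook, command, reasons });
  }
  return findings;
}

function shouldBlockInstall(findings) {
  return findings.some((f) => f.reasons.length > 0);
}

// Constructed sample: a "components library" whose postinstall hook launches a
// bundled Windows binary through an inline node one-liner.
const MALICIOUS_PACKAGE_JSON = JSON.stringify({
  name: "example-tailwind-components",
  version: "1.0.0",
  scripts: {
    build: "tsc -p .",
    postinstall: "node -e \"require('child_process').execFileSync('bin/setup.exe')\"",
  },
});

// Constructed sample: a benign package that only runs a local build script.
const BENIGN_PACKAGE_JSON = JSON.stringify({
  name: "example-lib",
  version: "2.3.1",
  scripts: { postinstall: "node scripts/patch-types.js", test: "mocha" },
});

console.log(auditInstallScripts(MALICIOUS_PACKAGE_JSON));
console.log("block malicious:", shouldBlockInstall(auditInstallScripts(MALICIOUS_PACKAGE_JSON)));
console.log("block benign:", shouldBlockInstall(auditInstallScripts(BENIGN_PACKAGE_JSON)));
```

Run the audit on the extracted tarball before installing; a simpler blanket control is `npm install --ignore-scripts` (or `npm ci --ignore-scripts`), which keeps npm from running any lifecycle hook so that nothing executes until you choose to run it.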

Threat Source newsletter (Sept. 22, 2022) — Attackers are already using student loan relief for scams

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. We’ve seen attackers capitalize on the news time and again, from COVID-19 to U.S.-North Korea relationships and, of course, holiday shopping sales every November. So, I was far from surprised to see that attackers are already using U.S. President Joe Biden’s student loan forgiveness plan as a basis for scams and phishing emails. The Better Business Bureau and the U.S. Federal Trade Commission both released warnings over the past few weeks around fake offers, scams and website links related to the debt forgiveness plan, with which some borrowers will have up to $20,000 worth of loans forgiven. Many of these scams, coming via phone calls, text messages and emails, are promising to provide guaranteed access to the forgiveness program or early applications for a fee. (Hint: This will not work.) These attackers may also be looking to steal personal information by asking for things like names, ad...